Cracking Crypto To Get Into College

Kallahar writes "New Scientist is running a story about a Canadian university who had students break an encrypted message in order to get into college. A good idea to grab a good student, but here in 'Free' America these kids would have been thrown in jail for violating the DMCA ..."

Re:The DMC is bad enough - you needn't make stuff

[AntiNorm]

shut up timothy - the DMCA doesn't apply when the copyright holder asks you to break the encryption.

You mean like when Professor Felten was threatened because he met the challenge to break SDMI? Oh wait...

Re:The DMC is bad enough - you needn't make stuff

[jockm]

shut up timothy - the DMCA doesn't apply when the copyright holder asks you to break the encryption.

It is worth pointing out that Timothy isn't the one who made that comment. It was the submitter, Kallahar...

Re:The DMC is bad enough - you needn't make stuff

[Cato+the+Elder]

Of course, since it was just an encoded mathematical problem, I doubt they even bothered to copyright it. And it was the poster, not the editor, who made the stupid comment. I still would argue that the flambait line should of have been removed, but hey. Too bad you can't mod stories.

The idea sounds interesting, but kinda gimmicky. Especially with a scholarship for speed--with a problem it took 30 minute for _New_Scientist_ to solve (or did I misread something) that seems a bit silly. Now, waiving the application fee for anyone who solves it, that seems a more commensurate prize.

Doesn't make you a good student

[gtaluvit]

Just because you broke some method of encryption doesn't necessarily make you a good computer science student. What about good design or object oriented techniques? How about math skills and knowledge of discrete mathmatics and its relation to programing language design?

Since I know scripting languages, am I an elite hacker?

Since I can install linux, am I a sys admin?

Since I can make brownies am I Wolfgang Puck?

IMHO breaking the encryption doesn't mean too much.

Re:Doesn't make you a good student

[Peyna]

Breaking encryption would imply good mathematical knowledge and higher reasoning.

I think this is a good basis for a scholarship and admission. Most other scholarships and admissions are based on self-written essays. At least it is less subjective.

Re:Doesn't make you a good student

[Boiling_point_]

Setting a world-realistic problem as an entrance/scholarship test is fair enough, but the implementation here sounds pretty unfair.

The article states that New Scientist took 30 minutes to decode it - since the scholarship went to the first person to email a correct answer to the university, I fail to see how this differs substantially from "first post" trolling.

Education should not be a gimmick.

Re:Doesn't make you a good student

[cscx]

Since I know scripting languages, am I an elite hacker?

Since I can install linux, am I a sys admin?

Isn't that the general consensus around here?

Re:Doesn't make you a good student

[nathanh]

I'm no genius but it took me 30 seconds to decipher the code. It's base 4 with the letters numbered consecutively.

Re:Doesn't make you a good student

[Sparr0]

And for everyone who didnt bother to read the article:

One hundred other students who also managed to decode and figure out the problem were offered a place on the computer science course at the university.

Re:Doesn't make you a good student

[hyoo]

I think they are trying to find students who are more than plain academic nerds. A high school student who has enough knowledge to break an encryption scheme (even if its fairly trivial by todays standard) shows potential. High school does not teach the theory to be proficient in encryption and any student who demonstrates this skill must have put in extra time to learn (which is proof of potential IMHO).

I think that this is a great way to separate bookworms from brilliant people.

The fact that they can break the encryption doesn't make them a computer scientist, but then again a non-computer person can enter university and as long as they have the desire to learn they can leave with a lot of knowledge.

Re:Doesn't make you a good student

[DavidBrown]

I disagree with your idea. A high school student who is able to break this encryption scheme isn't necessarily a high school student of more potential then average. He or she is just a high school student who, for curiosity or any other reason, has applied his or her talents to the study of cryptography or puzzles.

The "potential" shown by the successful codebreaker is the same potential shown by successful Mensa applicants - they figured out a problem, but that doesn't necessarily translate into a "special" skill for problem solving or genius potential.

But, despite all that, why shouldn't the university give a break to the first person who can figure out the solution?

Re:Doesn't make you a good student

[talonyx]

You're absolutely right. This shows completely that they know more than the average person about computers and algorithms.

Re:Doesn't make you a good student

[sql*kitten]

Just because you broke some method of encryption doesn't necessarily make you a good computer science student. What about good design or object oriented techniques? How about math skills and knowledge of discrete mathmatics and its relation to programing language design

No, but that's what you're going to study to learn. The test is looking for logical deduction and reasoning skills that can't be learnt through academic study, but are necessary for it.

Re:Doesn't make you a good student

[squaretorus]

Since I know scripting languages, am I an elite hacker?


well... yes!

Re:Doesn't make you a good student

[Lord+Omlette]

"deduction and reasoning skills that can't be learnt through academic study"

Just curious, isn't that what the Euclidean Geometry class is for? You know, where you learn about points and lines and planes and triangles and etc. and you have to prove theorems and stuff?

Deduction & reasoning skills have to be taught somehow, I don't buy that students are born ready for cs.

Re:Doesn't make you a good student

[hyoo]

Math is essential if you wish to be a computer scientist. Its easy to code, it's hard to come up with elegant/correct algorithms with basic knowledge of math.

If you disagree, then you must be someones coding bitch and not a REAL programmer.

Re:Doesn't make you a good student

[BitterOak]

Most other scholarships and admissions are based on self-written essays.

No, they are generally based on grades and SAT scores. The essays are just to make it look like the college is interested in a well-rounded person, and not just someone who scores well on tests. Other than being a measure of basic literacy, the essays really have very little to do with admission, in practice.

Ummmm

[tswinzig]

See, these people write in with links to articles, and they write a summary of the article and usually throw in their opinion. Those parts are italicized. Then an editor approves the story and sometimes they make comments themselves.

And sometimes they don't make comments. Like this time.

So, I think you owe timothy an apology.

American universities

[DeltaStorm]

I wish that more universities in the US did this. It would help distinguish those that are intelligent from those that leaned over the shoulders of the intelligent.

Re:American universities

[stevarooski]

That would depend on the type of the problem given by the aforementioned American universities. If it was something that could be cracked by solid quantitative reasoning alone, I would very much agree--especially if this is an intro course you're talking about. Make sure that you're testing ability and potential, not knowledge at this point!

Not every kid who wants to try CS needs to be a math whiz. I was a Music major when I took my first CS class on a whim, and now I'm getting my Comp E degree. When I started, I didn't know anything about algorithm formation or discrete math.

Re:The DMC is bad enough - you needn't make stuff

[haruharaharu]

You mean like when Professor Felten was threatened because he met the challenge to break SDMI?

Proffesor Felten was threatened when he attempted to publish his results - The specific charge, as I recall, was distribution of a circumvention device. This is different, one notable difference being that most universities won't try to sue you for entering their contest.

the details

[Syre]

The cryotography turns out to have been very trivial. Here are the details.

Re:the details

[Alsee]

The cryotography turns out to have been very trivial.

Yep. The web site gives lots of hints, and even offers live help via E-mail. They are trying to make it almost as easy as possible. Why?

"The University of Lethbridge is holding a contest to attract computer scientist students",

This wasn't done as a scolarship program for deserving students. It's a PUBLICITY STUNT.

The hardest part is either translating all the letters by hand, or typing it into a program to translate it for you.

As for the math problem in the message -
Any Math major that can't find a pattern to get the answer deserves to be rejected.
Any Computer major that can't write a program to get the answer deserves to be rejected.

-

Re:the details

[smnolde]

This kind of contest reminds me of the move "A Christmas Story" when the young boy gets his decoder ring and is finaly able to decode Secret Annie's message.

The message? DONT FORGET TO DRINK YOUR OVALTINE

Re:the details

[liquidsin]

Trivial??? It looks a hell of a lot more sophisticated than what Adobe uses to "protect" their Ebooks!

Re:the details

[caesarsgarten]

Yeah, you got it! It is just an ad that fits the organisation that placed it. As I mentioned in an earlier post: Even a computer major must not use a program to solve this problem. If your're unable to solve this by paper and pencil (mental arithmetics should be sufficient, too), you won't be able to write a non-trivial program, too. In this case the studies of CS would be a waste of time and money. Maybe it is more difficult to read and understand the hints given. A good student tries to understand the problem completely before getting into work with it. So it is not a question of easy-diffiuclt, it is a question whether the student has the right attitude.

Re:the details

[yesthatguy]

Hmm, even if you don't pick up on #4 in the coded part itself...

Williams said that a large poster and contest information was created using a computer code -- called Base4 -- which substitutes a series of numbers for letters of the alphabet.

Why oh why would the computer code be called Base 4? I have no idea. Anyway, it is a pretty neat gimmick. I probably would've spent the few minutes to decipher it if I had gotten it in the mail, even without any intention of going to that school.

Re:the details

[Alsee]

they aren't compsci majors.

Bzzzt! Wrong answer.

"Winning" the contest gets you a spot in the computer curriculum.

The website has an E-mail address where a professor will help you. They want as many people as possible to solve it. They are trying to get customers, err I mean students. The "scholarships" they offer are handed out randomly. It's written off as an advertizing expense.

-

Re:The DMC is bad enough - you needn't make stuff

[themassiah]

He wasn't threatened when he broke it or because he broke it. He was threatened because he was going to do the un-American (un-Corporate?) thing and turn down the money instead to publish a paper on the subject [which he subsequently did present].
Disclosure of procedure is different than just doing something.

..Minus the slashdotisms

[jesterzog]

From slashdot:

"New Scientist is running a story about a Canadian university who had students break an encrypted message in order to get into college."

But from the article:

"A Canadian university has awarded a scholarship to the first prospective student who successfully cracked an encoded mathematics problem"

And from slashdot:

"...here in 'Free' America these kids would have been thrown in jail for violating the DMCA ..."

Uh, yeah. Whatever.

Re:..Minus the slashdotisms

[Peyna]

He was a little closer than that, if you read the next paragraph:

One hundred other students who also managed to decode and figure out the problem were offered a place on the computer science course at the university. While it may not have been required for admission, and I don't know the size of their program, 100 sounds pretty high, so that may well encompass all incoming freshmen, or not.

Re:..Minus the slashdotisms

[lewkor]

I graduated from the University of Lethbridge in Dec 1992. I remember Dr. Holtzman well. He was a very fair prof who made the students work for their grades.

It is a small undergraduate university and unless its grown tremendously since I left one hundred students would be a huge increase in enrollment for the department of compting science. Intro courses in math had maybe 50-60 people and my compiler construction class had only 8 people in it!

There was equal emphasis on theory and practical application. One downside was that the school could not afford any sexy hardware, but that is not as important as learning the basics in my opinion. Nor did it have a Electrical Engineering department. I would like to have learned more about hardware and that's the only difference that I notice when comparing myself to the tech people that I meet where I live now (Calgary, Alberta).

The University of Lethbridge is a particularly good place to go for a science degree because the work that is usually left to grad students at larger institutions is sometimes done by eager undergrad students. I had one friend who had his name on a paper accepted to an academic journal while he was in his forth year of chemistry.

Macleans, a national news magazine similar Time or Newsweek, rates the canadian universities each year. The University of Lethbridge rates just behind the bigger canadian universities like Waterloo, University of Toronto, University of British Columbia, McGill etc.

Makes me almost miss the place. Almost! :^>

Re:..Minus the slashdotisms

[csbruce]

Just because 100 students were offered admission doesn't mean that the students accepted or that the university could handle all of them if every one of them did accept.

Link to puzzle

[mattvd]

Here's a link to the puzzle from the college's website:

http://www.whatmagnet.com/gofigure/index.html

Re:Link to puzzle

[embobo]

Well, I can tell you I wouldn't win the scholorship. That website was so annoying that I couldn't get past the first couple pages (including a splash page, barf) which talked about Flash being 21st century technology and all the l33t speak.

Re:Link to puzzle

[dragons_flight]

Geez that code is trivial. At least the puzzle requires a smidge of thought. Though with only going to a million, the math puzzle could just as easily be solved by brute force.

I'm not sure whether to be happy that they want to make kids think, or be upset that they think today's youth are capable of so little.

And what's with spraying the university's name all over the encrypted text? Do they really think people that can decrypt it need to be reminded several times about what university wrote the puzzle?

not really OT

[NightHwk1]

This reminds me of the Try2Hack website.. It consists of 10 or so challenges, each one harder than the previous, involving html/javascript, java, vb, packet sniffing, etc.

It would be great to see something like this as a final exam for anyone studying networks or security.

Re:The DMC is bad enough - you needn't make stuff

[isomeme]

The DMCA doesn't apply when the copyright holder asks you to break the encryption.

Tell that to Felten.

(And yes, the RIAA backed off...but the threat was credible enough that it left the lingering possibility that someone could be prosecuted under the DMCA for breaking encryption when invited to do so, if the inviter disapproves of what they do with the information afterwards.)

Article was short on details

[dytin]

The New Scientist article was really short on details. Anyway though, I found the university's press release, which has much more details. It can be found here. This link also contains the actual puzzle in case anyone is so inclined to try to break it...

Clarify

[1g$man]

Do you mean "free as in beer" or "free as in speech?"

You missed the point...

[Lethyos]

The point of college is to learn the things you have mentioned. Does filling out a college application or writing an entrance essay make you a good CS student? No. It just demonstrates your ability to perform a task involving some thought. Does breaking an encrypted message make you a good CS? No, of course not. But, it DOES show that you have strong skills in mathematics and analytical logic. Don't be so silly in jumping to conclusions.

That was simple

[ipfwadm]

All the code is is the index of the letters of the alphabet in base 4. There's a URL underlined in there that makes it really obvious what the "encryption" technique being used is.

Re:the code

[mliu]

SPOILER ALERT

Heh, they can call it encryption if they want, but this is encryption on the same scale as ROT-13. The message is encoded in the Base-4 number system with each number being the alphabet's letter's numerical position. so a = 1, z = 26. Or encoded, a = 001, z = 122.

And like numerous people have pointed out, while this contest in itself can't lead to a DMCA violation, the sad thing is, a piece of software "encrypted" with this algorithm could.

You guessed what I was gonna say: "OH WELL"

[rice_burners_suck]

This is a marvelous idea! Now that I've thought of it, I believe that every college should do something unique each year as part of its acceptance process. In other words, technical colleges might have you break an encryption, or fix some obscure bug nobody can find in a huge piece of software, or something difficult and obscure that most people wouldn't be able to accomplish. If you can do that, it adds major points to your acceptance process and gives you a huge advantage. Of course, other important stuff (like what grade you got in kindergarden) would still apply.

-_-_-O-_-_-H-_-_- -_-_-W-_-_-E-_-_-L-_-_-L-_-_- !

I Agree With This - To A Certain Extent

[Ieshan]

You know, this makes sense, up to a point. Most Liberal Arts kids have to write Essays to get into college, why not have Computer Science Geeky Kids Crack Codes?

Well, I think the major problem is the *lack* of creativity. This doesn't quite show that you have creative thought, only that you can deduce something logically. Now, as I understand it, that applies to programming, but really, if you're going to be a college student, life is more about creative problem solving than it is about logical.

Although, it is a neat idea. Will physics students be allowed to design experiments, or will others get similar "bonuses" to their college application process? I'd like to hope so.

Down with Standardized Tests, In With Creative Applications.

Re:I Agree With This - To A Certain Extent

[God_Retired]

if you're going to be a college student, life is more about creative problem solving than it is about logical

Yeah, I remember my first year in the dorm over a decade ago. A friend of mine had some weed, but neither of us had a pipe or bong. I ended up taking my pocket knife to an apple and we were smoking within 5 minutes. Damn I miss that creative college life...

Man, this is easy

[VVrath]

I'm about middle of my course of 400 CompScis, and it took me all of five minutes to 'crack' the code, and solve the puzzle. Any kid who's done GCSE Computation (aged 14-16) should be able to work it out in less than half an hour.

Are degree courses that easy to get on to in Canada? I had to get three A levels at grade C or above (and my Uni's not particularly prestigous)!

Re:Man, this is easy

[feelafel]

I'm about middle of my course of 400 CompScis, and it took me all of five minutes to 'crack' the code, and solve the puzzle. Any kid who's done GCSE Computation (aged 14-16) should be able to work it out in less than half an hour.

Well of course it's easy for a university student, and of course it's totally possible to complete for a high school student. Doesn't make much sense to post a puzzle for admission to a CS program that nobody can solve, does it?

At the end of the day, Lethbridge was trying to attract self-motivated students. The students who actually take the time to decode the message (very easy) and then solve the problem (a little more difficult, especially if you try to come up with a formula instead of just brute-forcing it) are the ones that they want. Not neccessarily because they have the capability to come up with the correct solution, but because they've got the moxy and the motivation to actually give it a "college try", as it were.

Your flamebait comment about the implications of Canadian University degrees will go ignored, but noted.

Re:Man, this is easy

[Malc]

Getting into and going all the way are completely different stories! Some universities have lower entrance requirements, but are much tougher later on.

From my experience: I went to UEA. I chose them because at the time, they had the best N. American exchange program. York and Lancaster also had programs, but not as good. Cats college in Cambridge told me I could do an exchange, but I would have to set it up myself. That and their requirement of an A in Further Maths A-Level on top of A's in Maths and Physics (and not Geology which I was really good at) made me decide on Norwich ;)

My exchange year was spent at Carleton University in Ottawa. That place has the rep. of being second to Ottawa University (like a poly), but also for having really low entrance requirements. It was much harder for those people to get into the second year. Take it two ways: 1) they give people a chance who have failed to get in elsewhere; 2) they're money grabbing b******s who will let in anybody, take their mullah and not give them a degree ;)

The work was different than at a British university, but not necessarily to a lower standard. To be good at a British university required excessive reading around a subject. Being good at the Canadian one required working excessively hard, even if the work was not immensely challenging (try doing 4 or 5 courses in one semester with 5 one week projects for each). I did learn some good transferable skills at Carleton (e.g. OO), and take some of the main courses needed for my BCS (???) accreditation (as if anybody in the real world cares about that). They were way ahead of UEA in the OO department - e.g. UEA moved from structured programming to OOP the year after I came back by switching to teaching C++ instead of Modula-2 to the 1st year students.

Re:Man, this is easy

[Malc]

I agree: commercialisation of universities seems to be leading to devaluation of degrees. My dad did some teaching at the University of Westminster (or whatever it's called). Six of the students that he gave bad grades to complained! All sorts of trumped up charges for which my dad was cleared, although after causing him lots of stress. It seems that many students these days are spending huge wodges of cash, and in typical consumer fashion are expecting to get a good degree in return. Well I'm sorry, but that's not what academia is about: in my book, if you can't make the grade, you lose, irrespective of wealth and connections.

The REAL Story ... (the code isn't the challenge)

[feelafel]

If anyone's interested in the real story, they should go to this story in the National Post.

Amongst other things, it talks about how the code is the first part of the challenge. The coded message leads to a math problem (which is actually kind of fun and has a rather elegant solution). Solve the math problem, and you get into school with the chance to win a scholarship.

Having gone to the site and gone through the decode and solve phases, I can happily report that the "code" isn't really a code at all. As the site hints, it's basically "coded" by being written in base-4. The challenge is really in the math problem, which requires applicants to find the summation of all decimal digits in the sequence of natural numbers from one to one million. While this isn't impossible, it does require some thought and intelligence. I thought it was a great idea for students who liked math and computer science (the problem can also be solved with a simple brute force algorithm) but weren't neccessarily that stellar students nor interested in lengthy University applications.

Heck - I spent an hour coming up with a solution and then verifying it with a quick little Java program. It was fun! Give it a shot!

(As a Troll-y sidenote, I'd like to mention with some degree of bitterness that I submitted this story, except when I did it, I got the facts right. Apparently this warrants a rejection, and irrelevant whining about the DMCA warrants approval. Do you ever wonder why /. gets a bad reputation from time to time?)

I can't believe no one has posted this...

[macsuibhne]

Was it "f u cn rd ths, u cn gt a gd jb n cmptr prgrmmng."?

Enquiring minds &c.
Tony.

Coming soon...

[Nugget]

... the distributed.net online scholarship program!

]:8)

makes you wonder

[joenobody]

Does this strike anyone else as a great way to get someone else to finish up the work on your thesis for you?

Re:=)

[justin.warren]

Heh. Just beat me to it. Simple substitution cipher with all letters substituted for their position in the alphabet in base 4:

A = /001
B = /002
etc. Numbers, dates and punctuation not included.

Answer's 27,000,001 in case you were wondering.

Silly Question

[Guppy06]

If you have to know crypto-analysis in order to get into college, where are you supposed to learn crypto-analysis? Or is Canada yet another of those countries where university != college?

Re:Silly Question

[aallan]

If you have to know crypto-analysis in order to get into college, where are you supposed to learn crypto-analysis?

A book?

Al.

Re:The DMC is bad enough - you needn't make stuff

[DarkZero]

Actually, it DOES apply. Professor Felten was asked to break it as part of a competition, but was then prosecuted fo it. Also, Dmitry Sklyarov was not asked to break Adobe's encryption, but a precedent was set when Adobe chose not to prosecute him, but the US government decided to prosecute him in federal court because breaking encryption broke the CRIMINAL LAW aspect of the DMCA.

It is definitely feasible that a college student breaking the encryption on an encrypted message, even when specifically asked by his college to break the encryption on a message given to him by his college, would be at risk for prosecution under the DMCA. It is a very broad piece of legislation, the specific wording of which could easily be held up in court in a variety of cases, regardless of whether or not the defendant was asked to break the encryption and whether or not the person that originally encrypted it had a problem with it.

Re:The DMC is bad enough - you needn't make stuff

[Danse]

I doubt they even bothered to copyright it.

Anything you write is automatically copyrighted. You don't have to register it or anything anymore.

Spoiler

[Tungz10]

The digits 1-9 appear an equal number of times from 1 to 999,999. That is, if you write out all the numbers in a vertical column, each column will have 100,000 1's, 100,000 2's, etc, except in a different order which doesn't matter.

The sum of 1 to 9 is 45. so the sum of each column is 45 * 100,000 = 4,500,000. There are six columns of digits, so multiply that by six to get 27,000,000. Now add the sum of the digits of 1,000,000.

The answer: 27,000,001

It's A Clever Gimmick

[FrankDrebin]

I lived in Lethbridge for a few months over ten years ago. It was a small town then and still is, as you can see here (less than 70,000 population).

IMHO, Southern Alberta is an attractive region if you're into farming or ranching, but doesn't generally have a large enough population to support the University of Lethbridge on its own. Calgary is only a couple hours away by car, and tends to draw the more city-minded students.

It seems the U of Lethbridge has to use these clever gimmicks to attract enough students from outside the region to keep itself viable. By making the crypto test relatively simple, it taps into the ego of a wider number of prospective students.

Pretty smart marketing move, actually.

Re:The REAL Story ... (here's the solution)

[feelafel]

2) with euler's method (well, one of euler's methods [n*(n+1)/2])

This would give you the summation of all natural numbers between 1 and 1000000. The question, however, is to find the summation of all decimal digits appearing in the sequence.

For example, 324 would contribute a total of 9 to the total sum.

So, the sum of 0..10 = 46
the sum of 0..100 = 901
the sum of 0..10^n = (n * 10^(n-1) * 45) + 1

In our case, we're looking for 0..10^6, so

= (6 * 100000 * 45) + 1
= 27000000 + 1
= 27000001

As I said, a little more complex, but not impossible to figure out if you take out pencil and paper and think about it.

To verify, simply create a brute force algorithm that loops from 1 to 1000000, where the loop code either uses mod and div to isolate the value of each digit of a number, or some funky string-integer transformations.

Re:The DMC is bad enough - you needn't make stuff

[digitalunity]

Y'all are freaking retarded. If there is anything that the Skylarov(sic), the copyright holder doesn't have to grant the Government permission to charge someone with a crime. The DMCA is very much a Criminal law as much as a Civil law. Even after adobe backed out, he still got charged for the crimes committed. In this case, I doubt anyone would get charged. Doesn't mean it couldn't or wouldn't happen.

You should be able to do that in your head

[Robber+Baron]

'nuff said.

Wow! I just made a poem!

Re:The REAL Story ... (the code isn't the challeng

[Xerithane]

First off, I went into the site and couldn't even figure out the navigation well enough to even want to go through it. And, for a scholarship don't they think they could have come up with a little bit of a harder problem? After giving up on their silly site, I perused slashdot and was kind of disappointed that it was that silly.

The college I attended had an annual competition where high school students built robotics or coded something, and would give out some degree of scholarships or other financial assistance towards prospective students and I can tell you that anybody who wrote a program to find the summation of all natural numbers would be laughed out. These were things like kernels, AI schemes, language recognition applications. I fail to see the cool factor in this. Any nerd deserving a scholarship for brains alone should really be challenged and not something that can be solved by a 2 minute script.

Re:The DMC is bad enough - you needn't make stuff

[digitalunity]

Y'all are freaking retarded. If there is anything that the Skylarov(sic), the copyright holder doesn't have to grant the Government permission to charge someone with a crime. The DMCA is very much a Criminal law as much as a Civil law. Even after adobe backed out, he still got charged for the crimes committed. In this case, I doubt anyone would get charged.

Doesn't mean it couldn't or wouldn't happen.

Re:Canandian Universities..

[freeweed]

All I had to do was submit my high school transcript with the application halfway through Grade 12. If you have good marks, it's harder to get a driver's license than it is to get into the University of Alberta. (Not to imply that it's an inferior University either.)

Nope, in fact many Canadian universities are very well respected. The difference here is, in Canada we believe in education for EVERYONE, or at least for the most possible. Not money, nor family connections, matter.

Of course, once you're in it's a whole different story. You still have to do the work involved, but there's no high-pressure entrance exam (at least not for a lot of Canuck schools) or insanely high fee. Kinda why we use a lot of government money in one of the few subsidies I can stomach: post-secondary education.

There's a reason why a majority (or so it seemed coming from my less-than-average high school) of Canadian kids go to University/College. No, it's not for everyone, and yes, a LOT of Canadians don't have degrees/diplomas. But usually, that's because of the student's performance AFTER getting out of high school (which is basically just a big social club where we learn algebra, anyway :)

the hard part is...

[markj02]

The hard part is to get the text corresponding to the encoded message so that you don't have to type it in. The ULeth Press Release has a JPEG (are you supposed to do OCR?), and the Go Figure web site has a really messy navigational structure and the message hidden in a PDF file. Now, getting it out requires experience with Adobe Acrobat or some other PDF tools. That's much harder than undoing the simple encoding or solving the trivial math problem.

moron

[autopr0n]

Felten was never prosecuted, he was threatened with prosecution. I could threaten you with prosecution for spreading false information, but that certanly wouldn't make it a crime

Re:moron

[renehollan]

Actually, IIRC, in Canada, threatening to prosecute is a crime (or at least used to be) -- you either prosecute or you don't.

The idea is to avoid intimidation by the threat of groundless prosecution that would nevertheless be expensive to defend against.

Of course, IANAL.

Wasn't all that hard.....

[sonicsft]

I'm a senior in highschool and I "cracked" the "code" in about 6min....The hardest of the whole thing was running find and replace for their base 4 alphabet(I was too lazy to write a script for it), and then punching some numbers into my scientific calculator. I wish some US schools would do this, then maybe I could afford to go to the schools I get accepted to.....

-sonicsft

Re:Wasn't all that hard.....

[Dr.+Evil]

The sum of the numbers from 1 to 1M fits a pattern. It is an old, old problem.

To toot my own horn, somebody asked me the question (1 to 100) in grade 10, on the other hand, just knowing that there is a solution and that it can be done in your head, makes solving it trivial.

Just think of the sets of numbers which add up to 1M, and do some multiplication.
1M + 0 = 1 M
999,999 + 1 = 1M
999,998 + 2 = 1M
...

Think about 1 to 10, and you can figure out where stuff meets up. 6+4 = 10, so the 5 has no partner, or 500k has no partner in this case. Also, 6 to 10 is 5 sets, meaning that there is an even number of multiplications going on equal to "half" the number of numbers.

So, 500,000 * 1M + 500,000

It shouldn't be too hard to see the solution in your head, then work out any particulars on paper (I can't keep very much in my head).

Sort of like knowing that there is a way to triple the resolution of an LCD, most people immediately realized how sub-pixel rendering works.

NSA Problems

[SkewlD00d]

The NSA has some fun problems on its USA Mathematical Talent Search (USAMTS) page.

2^(2^(2^2 + 1) - 1) - 1 = 2^31 - 1: Mersenne prime

Re:The REAL Story ... (the code isn't the challeng

[Cryptnotic]

Someone's been watching too much late night TV. *grin*

Cryptnotic

Re:Look at me I'm a journalist

[Art+Tatum]

*Sigh* For the millionth time, Slashdot is NOT a journalistic institution. Yes, I KNOW that it says 'News for Nerds.' Ignore it--it's just a cute tagline and nothing more. Slashdot is a place that links to OTHER places and that lets you see pretty much raw commentary from others. Quit whining about the declining 'journalistic quality' of Slashdot--it never had any to begin with and nobody ever pretended that it did. Sheesh.

Cracking exams

[jmerelo]

In the old times of FidoNet, I shared a BBS with several students. I was teaching computer science 101 then. At 00:00 AM, 8 hours before the exam, I posted the exam to the BBS, in postscript (with the first line deleted, so that it was not inmediately recognizable as such), and compressed with zoo (not a very popular compressor, now and them). I put a rubbish name on top, so that, well, it wasn't only using zoo and ghostview. I sent a message to the 3 students telling them that I had posted the message in the file area, without telling them the name or anything else. They managed to "crack" it the next morning, 2 hours before the exam. The zoo part was easy (it includes "zoo" as the first letter in the file), the PS file a bit harder, and the hardest part, 10 years ago, was to find a program to print PS (download it thru fidonet and all the stuff).

They passed, but not with high marks; after all, they had only a couple of hours to prepare it. They would have been better off studying thru the night...

Ok, I was bored.

[molo]

I decoded the message. I guess I'm bored. I didn't quite get the numerals in the address though.


TO WIN A SCHOLARSHIP
FROM THE UNIVERSITY
OF LETHBRIDGE

DO THE MATH.

FORMULA:

FIND THE SUM OF ALL DECIMAL
DIGITS APPEARING IN THE NATURAL
NUMBERS FROM ONE TO ONE MILLION
INCLUSIVE.

CONTEST ENTRIES MUST BE
RECEIVED BY DECEMBER 12/31/01

TO ENTER ONLINE: VISIT
WWW.ULETH.CA AND SUBMIT YOUR
ANSWER.

MAIL: SEND YOUR ANSWER, ALONG
WITH YOUR NAME, FULL ADDRESS AND
PHONE NUMBER TO GO FIGURE WHAT
MAGAZINE,108/,93/ LOMBARD AVENUE,
WINNIPEG, MB, R3/B3/B1/.



Computed as follows:

0 + 1,000,000 = 1E6
1 + 999,999 = 1E6
2 + 999,998 = 1E6
...
499,998 + 500,002 = 1E6
499,999 + 500,001 = 1E6

and 500,000 left over.

so, we have 500,000 pairs equaling 1E6, giving 5E5 * 1E6 = 5E11. Add 5E5 left over, and you get your answer of 5.000005E11 = 500000500000.

Confirmed with the following bc program:

total=0;
for(i=0;i<=1000000;i++)
total+=i;
total

Re:Ok, I was bored.

[raoulortega]

You summed the series, but that's not what's being asked. You are supposed to sum the digits

For a series that would be

(n + 1) * (n / 2)

The answer is (45 * (10 ^(n-1)) * n) + 1 where n is the power of ten, 6 in this case.

Re:Disclaimer?

[Arandir]

All he'd need is a valid disclaimer. If he is creating his own crypt method then he just needs to say that it's ok to break it. Surely?

Do any of you guys try to find stuff out on your own, or do you just regurgitate the shit that Slashdot feeds you.

The DMCA is about copyright, not about decrypting a message in base four. Geez. If Adobe (as just a hypothetical example) decided to encrypt their PDF files in base four, then it would be illegal to decrypt those files. But it would NOT be illegal to decrypt any non-PDF base four encodings. The DMCA is Evil enough without you inventing yet new Evils for it.

In summary, no one needs any damn disclaimer to use base four (or rot13). Get real.

Re:Canandian Universities..

[Kwil]

The difference here is, in Canada we believe in education for EVERYONE, or at least for the most possible. Not money, nor family connections, matter.

At least, we like to think so, and our government sure likes to tell us so. Too bad the statistics say otherwise. Basically, if you're poor, you have only half the chance of attending university of someone who's rich. That may be better odds than the states, it may not, but it definitely doesn't fit with the "money doesn't make a difference" line.

As for tuitions, Canadian university tuitions work out to about the same as many US universities and colleges. In fact, unless they're going to a University away from home, the average American student can wind up paying less thanks to the larger number of scholarship/grant programs available.

Of course, if you're Canadian, you can work on changing this. Start with your MLA and be sure to send a copy on to your MP. If enough people bring the issue up to the electeds, maybe they'll finally start doing something about it.

Give it to the jock instead

Your right, that scholarship should have gone to someone in athletics instead so he could get his CS degree. I think this is a good way of FOCUSING on students that normally wouldnt have as many chances at scholarships as your head of the football/hocky team types. Yes in some cases breaking encryption wouldnt be that hard, but how many people at your school would know how to, or even know how to spell encryption to begin with.

ummmm

[nomadic]

I don't mean to burst your bubble, people, but this was aimed at pre-University 16-19 year olds. Unless you're in this age range I don't think it's a huge deal to have solved it...

Re:The DMC is bad enough - you needn't make stuff

[GMontag451]

Anything you write is automatically copyrighted. You don't have to register it or anything anymore.

Except, of course, uncopyrightable material, such as math problems as they were dealing with in this case.

DMCA.. YEAH!

[ShaniaTwain]

D.. M.. C.. A..

Don't Mess with Company Assets
Decieving Many Consumer Assholes
Devious Money Consumes All
Diabolical Medling Corporate Attorneys
Etc.. etc..

EVERYBODY NOW.. It fun to violate the D.M.C.A..
D.M.C.A.

Re:Canandian Universities..

[SuiteSisterMary]

You've got the 'dedicated' people who can plow through the crap. You've got the 'smart' people who are bored silly, and there's no alternative for them, so they skate by on Cs and Ds. You've got the 'challenged' people, who DO have an alternative (special programs out the wazoo) and get the care and extra attention they deserve. You've got the 'average' students for whom the entire general cirriculum is geared for. So in academic terms, being terribly bright, as we all know, is quite the detriment. Yes, y'all can come up with ten thousand counterexamples, but this is, by and large, true and accurate. I guess for America I can add 'those good at sports, who are sailed through the other classes' and 'those with connections or rich daddies' but that's all based on hear-say. :-)

The answer is 27,000,001

[The+Smith]

Using a combination of C, fold, shell and grep, I can confirm that this (27,000,001) is correct.

This is a harder problem than you might think, but it's not helped by the idiots who can't even understand the question and try to add the numbers 1 to 1,000,000.

Re:But I was bored longer...

[thue]

That would mean that the average digit sum of a number was 5, which is clearly wrong.

I happened to find the same result as the parent ((45 * (10 ^(n-1)) * n) + 1), which makes it likely to be right. That gives 27.000.001.

Method: See that all possible combinations of 6-digit numbers are in the range 000000...999999. Then for a given digit all numbers occur with the same frequency due to symmetri. Then the average contribution of that digit is sum(0..9)/10=45/10. Then the average contribution of a 6-digit number is 6*45/10. There are 1.000.000 numbers in 000000...999999, so we multiply the average with 1000000. Now we have the sum from 1-999999, but we needed the sum 1-1000000, so we add digitsum(1000000)=1.

The result is then 45/10*1.000.000*6+1 = 45*100.000*6+1=45*10^(6-1)*6+1. Generalize the number of digits and you get the formula above.

Trivial? So?

[debrain]

Cuecat was pretty trivial, too, remember?

The complexity of the object does not seem to mitigate the draconian principle being applied to it.

Code

[mrfiddlehead]

There's a lot of huffing and puffing and sniffing going on here about the quality of the "code" and/or "encryption" technique used here. This message is a perfectly valid example of an encoding technique. In fact, there are two methods of encoding here: 1) the characters are first indexed numerically and then 2) the indices are written in base 4. Granted, it was pretty obvious that it was going to be a simple solution since the first thing that jumps out at you is the fact that it is a series of base 4 numbers. But that's not the goddamn point.

The point is about solving a problem. It is about the thought processes involved, not necessarily the difficulty involved in the encoding technique. What the fsck do you expect them to do? Publish a 1024 bit PGP encrypted problem and have potential candidates use distributed.net to crack the code?

Sheesh! Give them some credit. It's better than the usual approach to University entrance (a letter from daddy, with a fat cheque, to the dean).

Now bugger off and get out to the curb, the school bus is coming any minute now.

They wouldn't have one to jail over the DCMA

[Jason+Levine]

After all, the encryption they broke wouldn't have been a major company's. Remember, the DCMA only applies if you break the encryption of a company (or if a company feels that your breaking the encryption in any way impacts their bottom line). Then that company releases the lawyers on you. While the students would have technically violated the DCMA, they wouldn't go to jail over it. (Ok, I know that the DCMA really applies in all cases, but for all practical purposes it will only come into play if a company with lawyers feels threatened by the code cracking.)

skill vs. effort

[No+Such+Agency]

The hardest of the whole thing was running find and replace for their base 4 alphabet(I was too lazy to write a script for it)...

You know, Thomas Edison (aka. the a**hole who ripped off Tesla) supposedly said that "Genius is 1% inspiration and 99% perspiration". I'd say the same saying applies to undergraduate-level university work. If someone is "too lazy to write a script for it", they might find university level CS surprisingly hard even if they're the next Alan Turing.

(Yes, I know you're just trying to make a point. But so am I :-)

Re:The DMC is bad enough - you needn't make stuff

[delcielo]

First, Professor Felten WAS NOT PROSECUTED FOR BREAKING THE ENCRYPTION. He faced prosecution for publishing and presenting his work. That is a HUGE distinction. Obviously, it's something I still disagree with; but it's important to get the facts right.

Second, it may be feasible that a college student could be charged with something under the DMCA if the university got some bug up its arse over him/her; but it would require an idiot of a prosecutor. The university invited the act, and it would end up much as if they had hired the kid to break into their own office as a test of security. Weird things happen, so I'd never say never; but let's try to show a bit more reason.

Stop it!

[Tom7]

The DMCA is a bad law, but it does NOT prevent anyone from doing cryptography or breaking it. It ONLY applies to circumvention of access control to a COPYRIGHTED WORK. It is copyright law, not encryption law.

I think slashdot is perpetuating misunderstanding about this law, and I think that hurts our cause. Being informed is the first and most important step. Otherwise, we are just clueless zealots.

Trivial -- PHP Code:

[TheTomcat]

<?php

function to_letter($code) {
if (is_numeric($code)) {
return chr(64 + base_convert($code, 4, 10));
} else {
return $code;
}
}

$data = "110/033/ 113/021/032/ 001/ 103/003/020/033/030/001/102/103/020/021/100/\n";
$data .= "012/102/033/031/ 110/020/011/ 111/032/021/112/011/102/103/021/110/121/\n";
$data .= "033/012/ 030/011/110/020/002/102/021/010/013/011/\n";
$data .= "\n";
$data .= "010/033/ 110/020/011/ 031/001/110/020/.\n";
$data .= "\n";
// etc.

$data = split("/", $data);

foreach ($data AS $char) {
echo nl2br(ereg_replace("[0-9/]", "", $char));
echo to_letter($char);
}

?>

Re:The REAL Story ... (the code isn't the challeng

[csbruce]

If you look at all combinations from 000,000 to 999,999 (might as well include zero), each digit in each position appears 100,000 times. So, since the sum of 0 to 9 is 45, the summation for each digit position is 4.5e6. So, the total for six digits is 27e6. Add 1 for the 1,000,000 final input number, and you get 27,000,001. Now where's my degree?

Re:Wolf Holzmann Rules!!

[JMZero]

I had Wolf for Linear Algebra. Great guy.

The problem took me 10 minute 30 to solve...

-Dave

Re:The DMC is bad enough - you needn't make stuff

[Stonehand]

No. Or, rather, it'd get thrown out and the prosecutor ridiculed. Go read the law.

Re:The DMC is bad enough - you needn't make stuff

[ryanr]

Anything you write is automatically copyrighted. You don't have to register it or anything anymore.

You have to register it if you want to collect damages when you are violated. Otherwise, if you just want to control use of your work, you're correct.

You probably didn't include a stupid DCMA comment

[TheAwfulTruth]

Seriously... And sadly...

Re:OT/your sig

[hyoo]

I borrowed/stole someones sig.. =P

How does crytography make you a good CS student?

[xg0blin]

I think they were watching that part from a beautiful mind, where John Nash saw the numbers lighting up that were the correct sequence of numbers. Is that what they're hoping for? Come on, CS has alot more to do with other things than crytography. We have crytography here as a two credit hour seminar in CS. Figuring out an encrytion key != brilliant computer science student. More likely means that they are good at figuring out patterns. What about the 7 bridge 2 river problem from discrete math. That would be a more logical problem to try.

Re:The REAL Story ... (the code isn't the challeng

[hackerhue]

Perhaps figuring out the navigation to their site is another part of the challenge. ;-)

One line simple substitution cypher generator

[Michael+Woodhams]

for those who enjoy simple cryptanalysis:

perl -0777pe'$a="a";s/[a-z]/$b{lc$&}||=$a++/gei' filename

I use paragraphs of Jane Austin from Project Guttenburg to feed the cypher generator.

Re:Beg your pardon?

[nomadic]

Ok, I'll go along with that, but I wouldn't be surprised if intelligence does improve after 16, just not nearly as much as it used to. Sort of like how you can learn foreign languages no matter how old you are, but you learn them a lot faster at age 6.

My criticism was aimed at those people who were complaining about how easy it was; I felt they were the ones taking away from the legitimate 16-19 year olds who don't have that CS degree and mathematical training to help them. I have a great deal of respect for those who the problem was aimed at, and managed to solve it.

Re:=)

[justin.warren]

Umm.. if it's not 27,000,001 what is it?

The program in the previous reply calculates it as 27,000,001 and the following link shows the shortcut method I used: http://www.cpa.us.mensa.org/solutions.html

The sum of digits in the 6 and 7 digit numbers, aka sum of digits of natural numbers from 100000 to 9999999, inclusive, is 312749999.

Why am I replying to an abusive AC again?

Re:The REAL Story ... (the code isn't the challeng

[csbruce]

IE: the lower numbners repeat many times.

So what? Each digit position ultimately shows each digit 0-9 the same number of times and addition is totally commutative.

int main( int argc, char *argv[] )
{
long i, sum;

for (i=1,sum=0; i

Re:The REAL Story ... (the code isn't the challeng

[csbruce]

crap...

int main( int argc, char *argv[] )
{
long i, sum;

for (i=1,sum=0; i <= 1000000; i++) {
sum += (i/1000000)%10 + (i/100000)%10 + (i/10000)%10
+ (i/1000)%10 + (i/100)%10 + (i/10)%10 + i%10;
}
printf("sum = %ld\n", sum);
return( 0 );
}

$ a.out
sum = 27000001

What is wrong with Slashdot <TT> indentation?